Geographic locations of user devices are widely used to provide rich user experience in various environments such as proximity-based marketing, travel information, and cloud computing. Especially, cloud service providers require to utilize actual cloud user's locations in location-based cloud services like Amazon GovCloud. However, it is not trivial to obtain the trusted geolocations of the user devices because there are many points for attackers to forge the current geolocations of the cloud user devices. In order to solve this security issue, we propose a novel trusted geolocation framework for the cloud user device. The primary mechanism of the proposed framework is to deliver a trusted channel between a geolocation server and a tiny hypervisor in each mobile client. We leverage the Trusted Platform Module and dynamic root of trust measurement to securely attest the geolocations of the cloud devices. To show the feasibility of the proposed framework, we port Etherpad, a cloud word processor, into the trusted geolocation-based cloud service. We also evaluate the performance overhead of our framework in the cloud device and show that it causes only 8.3% overhead in JavaScript benchmark, which indicates the practicality of the proposed framework.

• 出版日期2016-12